GridinSoft Threat Intelligence
view.exe threat report
GridinSoft Anti-Malware detection
Detected by GridinSoft before you download
The current ThreatInfo record shows this exact file hash detected as Trojan.Generic. Download GridinSoft Anti-Malware to scan the device, confirm whether this file is present, and remove the detected object if it is found.
- Detection name
- Trojan.Generic
- Recommended action
- Scan and remove
- Last analysis
- 2022-06-06 23:37:49 (3 years ago)
- File hash
- 81fd3f5400d27c37404c76603cbc71d3
Why it matters
Why GridinSoft flags this file
GridinSoft identifies the sample as Trojan.Generic, part of the Trojan threat category.
Malware disguised as legitimate software or delivered through deceptive packaging. Related Trojan reports help compare this file with nearby detections, publishers, and hashes.
First seen 2022-06-06 23:37:49 (3 years ago); latest analysis 2022-06-06 23:37:49 (3 years ago).
Company metadata: Invensys Systems, Inc.. Product metadata: InTouch.
ThreatInfo has seen this file in user or system paths listed below. Unexpected locations increase the need for local verification.
Recommended action
What to do next
- Compare the MD5 above with the file found on the device.
- Check whether the file appears in the observed locations or under one of the alternate names.
- Run GridinSoft Anti-Malware to confirm the detection and remove the file if it is present. Review the Trojan category for related samples and common context.
File context
view.exe is a Windows file recorded in the ThreatInfo database. It is associated with InTouch. The reported company name is Invensys Systems, Inc.. The current detection status is Trojan.Generic, based on the latest analysis from 2022-06-06 23:37:49 (3 years ago). ThreatInfo groups this verdict with Trojan reports for broader family-level investigation.
If view.exe appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as Trojan.Generic.
File Details
| Product Name: | InTouch |
| Company Name: | Invensys Systems, Inc. |
| MD5: | 81fd3f5400d27c37404c76603cbc71d3 |
| Size: | 1 MB |
| First Published: | 2022-06-06 23:37:49 (3 years ago) |
| Latest Published: | 2022-06-06 23:37:49 (3 years ago) |
| Status: | Trojan.Generic (on last analysis) | |
| Analysis Date: | 2022-06-06 23:37:49 (3 years ago) |
Detection screenshot
The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.
Common Places:
| %sysdrive%\04_colombia-docencia uan\curso 2020\ii semestre\23 sistemas scada\09 simulador virtual scadas\intouch\wonderware_intouch_10 by @elion24\wonderware intouch 10.0\wonderware |
ThreatInfo has observed view.exe in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.
Geographic signal
Observed country distribution
ThreatInfo has seen view.exe across 1 countries. Use this signal to compare local evidence with where the sample is most often reported.
The strongest geographic signal for this file is Colombia with 100.0% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.
OS Version:
The most common operating system signal for view.exe is Windows 8.1 with 100.0% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.
Analysis
view.exe is identified as pe for 32-bit systems. The subsystem is Windows GUI. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.
PE Sections:
Section layout highlights raw-size concentration, repeated names, packer markers, and hashes that can be compared across related samples.
a0372e8f2c3527ca9f3312beec36ca96
c8a4c2046216b267ce9825044a1f2668
0560a50469d36c121a2435b6cc7f9cc1
63b009a22a03ecc7e245076520cf5285
e4758c426ce50d6c2bcd6659d1377141
81deec0cbbbb3eea16eb03d02d1d624a
1e9f0351d0493416b43317f3cea38e39
ed57a2e26042caaaba8b5d970d314208
166438ff9bf628a04129710622dae11a
ed661c1465b992c0dbaf6023cf9c5434
1627f2cf0b99886b24c25ac79831d1e0
811e329c2d93120da636de12742fc214
64f3feb96f83866fd52d46c055af72fc
0722258757d698a47254962cbf6a3ccc
934ed1530e3b2f5fb9a899cdd84d3160
ea6901a1b4a7d2f41a38674b28da03be
32f1823e7e394588e614f599fdb35d10
c153462b9a8d3f98aef7374da022f594
df146458fa492505bb831a3f85f8e66b
705a6509fec2ddc1dda59513288a62aa
d60825781f56880e8ba127a834b9150d
fcd3d2fdfa9a1cc2a2490928514d2106
117fedbe38d137f0fb60448bf15e1276
5e687339414e20f4c6df1d8d1575ac79
77f0e5cb1ab4d433da290cb643e34064
f5e6b100a6341ca338482bba18342736
cb788a40989e3645cc95153370faa914
1374ea7d28b3a3e17f709f25e94f271d
7a52c0809c045fd5817389a4d00b9eb1
73ab627c8316373031f10d9688162a62
a446d7d313167210e0a93f8d4710a36d
1e1c305013523fbacdb329f579e727f2
5ce1499645c64a918a55292bfd0ad785
270ec134af3022104effc89f11e4e236
717bd407ef4bed5f903e7dba6270a7c6
cc4970ff99b7f2b05cd23ea36b845d8f
2b3420a8bd27b2ba1a8536eefae91a42
1b0224e385ad5b54b4cc62308cdd8b7d
a271918c5c1dc50b9708fcca8ab1b4f6
bd7bbb33b55c25fbd3ea49de04871582
9fb630c988b2802115eb5fe1b3b9ff6b
b71287490a40429a4df12b1e46f736f5
dd9ab98033f1875655f4d261ff1d1a8c
d1760b6934c7e7e4651d804473c80bc7
0ccb5456a9dd9c0b4dee0ab001a4d3be
dd01b1b1aa89c65968edae42013eb63a
dfcc012745643ea3a3df5de5a1d4659f
753e9579f4260f3517777fd6573c19a7
6159fe8ae8eda264847388353bcd3c21
f4131ab2971bd4a809e3a658702df1a8
PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.
Report conclusion
GridinSoft detects this file as Trojan.Generic
This report identifies view.exe by MD5 81fd3f5400d27c37404c76603cbc71d3. It is part of the Trojan report group. If the same file is present on your device, scan the system and remove the detected object after confirming the hash and location.